Safer Car Design Demands New Testing Approaches

Automotive companies need to evolve their development processes to adapt to the new age of software on wheels.

The automotive market is facing tough challenges when it comes to recalls. It seems that every month (if not week) brings a long list of new recalls. It's not that recalls did not exist in the past, but it seems that their numbers, types, and obvious visibility through the media have significantly increased.

We, of course, have all heard about the Toyota bit flip as well as the recent GM recalls in the media, but details about recalls are also delivered to us directly in our mailboxes.

As an example, I recently received a recall for my Toyota Prius (a car I like, independently of this recall).

The envelope stated: "Software Update for Motor Generator ECU and Power Management ECU." The problem was described as follows:

Inside the Hybrid Inverter Assembly is an Intelligent Power Module (IPM) which contains a control board equipped with transistors. Certain transistors could become damaged when operating the vehicle under high-load driving conditions. If this occurs, various warning lamps on the instrument panel will illuminate. The vehicle should enter a fail-safe mode limiting the vehicle's power, allowing it to be driven a short distance. In some cases, the motor/generator ECU could reset, causing the hybrid system to shut down, resulting in the vehicle stopping while being driven and increasing the risk of a crash.

As I was reading the details of the recall, my immediate reaction was, naturally, to first figure out when I could bring my car in for the software upgrade.

My second reaction, having been involved in automotive and software development for many years, was more focused on what could be done to prevent such a recall in the future.

Virtual prototyping is clearly an approach that makes sense when it comes to software development, integration, and test. The concept of virtual prototyping is relatively simple: Create a simulation of your electronic control system including the electronic hardware (microcontroller) and the mechanical system it controls (some refer to this environment as a virtual hardware-in-the-loop environment). Simulating such a system allows developers to start development, integration, and test earlier; test corner cases without risks; spend more time on testing; perform fault testing, etc.

This approach, like any change to a design process, requires some level of investment and commitment from the companies deciding to deploy it. The benefits of and experiences with virtual prototyping have been documented. You can find companies like Bosch, GM, and Hitachi Automotive Systems sharing their use cases in an e-book called Better Software. Faster!

So why aren't more companies taking steps to implement the use of virtual prototypes?

Of course, there are some that will say the technology is not fully mature yet, but an increase in documented usage will prove them wrong. Even if some deployment challenges may still exist, I believe that the industry is actively working to address them and bring further benefit to companies deploying virtual prototyping more widely.

So if not a technology issue, what is slowing companies down? As with any design and development methodology, the return on investment could be in question.

However, the ROI gained from using virtual prototyping has been demonstrated both quantitatively and qualitatively. So is it possible that the investment required was simply not manageable, presenting a barrier too high to pass for automotive companies?

As I pondered this question, I recalled a recent discussion with a leading OEM company faced with a recall.

The engineering management explained at great length that their project was going to be reduced in scope (and some parts canceled entirely) because the recall was going to cost the company a significant amount in legal and settlement fees.

And here it was, right in front of me -- the chicken-and-egg problem. To prevent recalls, companies need to invest, but investing means money needs to be available; and unfortunately this money was used to address the recent recalls! So the investment in virtual prototyping could not happen, while this was clearly a possible solution that could prevent more of these recalls in the future.

While I have no doubt that design negligence causing harm to others should be duly compensated, I also believe that automotive companies need to evolve their development processes to adapt to the new age of software on wheels.

If they expect safe cars to be on the road (autonomous driving will become a reality), automotive companies and government regulators need to allow for investing an equal amount (if not more) in protecting the people affected by past negligence and in preventing recalls from happening in the first place. This requires investment: The right balance must be found between legal fees and enabling innovation in the automotive design processes to improve safety for generations to come.

— Marc Serughetti is Director of Business Development for System-Level Solutions at Synopsys. He is responsible for driving the development and deployment of virtual prototyping technologies.

One needs to keep in mind that virtual prototyping (in general) is not a replacement for HW-based testing. It should be considered a complementary approach that provides the ability to start testing earlier, fix issues earlier and as a result allow for the test team to have more time for testing.

Another aspect comes in the creation of models. Developers must have in mind what questions/issues they are trying to answer/fix with such a model. This will drive what needs to be modelled.

Finally, one objective of testing is validating that under certain circumstances the system software can behave in a safe manner. The failure of mechanical or analog components can be simulated (random tests can be created). One of course can always create too many irrelevant tests, so another key consideration is the ability to define a relevant set of possible tests.

That's true - almost the same number as from unintentional falls and accidental poisonings. Having a proper perspective of risk (and respect for the facts) can go a long way toward better decision making.

Perhaps the death numbers are declining but it is still 40,000 people annually in North America alone...much larger than all plane crashes that people are so concerned about...no one talks about car deaths, it is so common

@Crusty: In London of my Youth, 65 years ago, there were trams and my passion as a child the Diddler Trolley Bus.

Now you mention it -- I seem to have memories of my mother bringing me down to London when I was say 8-ish (circa 1965) and I seem to remember electric trams everywhere -- were they still around at that time, or am I just thinking of films I've seen (damn these false memories :-)

In London of my Youth, 65 years ago, there were trams and my passion as a child the Diddler Trolley Bus.

The horse drawn tram and bus was before my time and had significant problems so much so that a fleet of Thames Sailing barges were used to transport the dung out of town each day.

The trolley bus was the natural evolution from the Tram as it was able to get around obstructions like parked lorries and cars which the Tram could not. It could even run very short distances on its battery set.

It is said that the motor industry Lobby of the 1950's and 60's lost us this low pollution mass transit system, such a shame.

Less disruptive than trams as no tracks to lay it seems strange that no one wants to invest in trolley bus types of transport any more.

It's not entirely obvious that virtual prototyping would have uncovered this problem. Hard to tell, from the quote of the recall notice.

It seems like under heavy mechanical load, some transistors oddly fail. I have to believe this is caused by overheating. So there could be many reasons for this that virtual prototyping would most likely miss. Including the exact location of the module (ambient temperatures), with consequences on how much heat it can dissipate.

Not to say that virtual prototyping isn't a great idea. It is. However it is also a non-trivial task to verify the validity of the model. And too, I would be surprised if Toyota DIDN'T model everything, before going into production.

I'd go along with this in large part....though I think some of the appearance of this is due to a more egalitarian society and those with nouse coming more into contact with those without much nouse......

However occasionally I find myself doing things that make me think I am devolving too. But maybe it is just advancing age and decrepitude.....